<?php
session_start();
require_once 'database.php';

// 检查用户是否已登录
if (!isset($_SESSION['user_id'])) {
    header('Location: login.php');
    exit;
}

// 处理创建新用户
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $username = $_POST['username'];
    $school = $_POST['school'];
    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);

    try {
        $stmt = $pdo->prepare('INSERT INTO users (username, password, school) VALUES (?, ?, ?)');
        $stmt->execute([$username, $password, $school]);
        
        // 重定向回用户管理页面并显示成功消息
        header('Location: users.php?status=created');
        exit;
    } catch (PDOException $e) {
        die('创建用户失败: ' . $e->getMessage());
    }
}
?>